Question 1

Which security concept includes the policy, process, and internal controls comprising how an organization is run – including the structures and policies of the leadership and other mechanisms for management?

Options :

A : Governance

B : Information security

C : Enterprise risk management

D : Information risk management

E : Compliance

Answer: A

Question 2

What should every cloud customer set up with its cloud service provider (CSP) that can be utilized in the event of an incident?

Options :

A : A data destruction plan

B : A communication plan

C : A back-up website

D : A spill remediation kit

E : A rainy day fund

Answer: B

Question 3

All cloud services utilize virtualization technologies.

Options :

A : False

B : True

Answer: B

Question 4

Which of the following best describes the primary purpose of cloud security frameworks?

Options :

A : To implement detailed procedural instructions for security measures

B : To organize control objectives for achieving desired security outcomes

C : To ensure compliance with all regulatory requirements

D : To provide tools for automated security management

Answer: B

Question 5

APIs and web services require extensive hardening and must assume attacks from authenticated and unauthenticated adversaries.

Options :

A : False

B : True

Answer: B